Identity theft happens when an individual or group of individuals takes personally identifiable information like names, date of birth, social security number, your address, and your mother’s maiden name among others. Once they have this information, they will pretend to be you and use it for their own financial gain without your knowledge.
The recent technological advancements have made it easy for your identity to be stolen. Individuals interested in your personally identifiable information will either use technological and non-technological schemes. Below are the top 5 ways you could become a victim of identity fraud.
Data breaches are one of the most common sources of stolen identity information, but we’ve written an entire article on data breaches here.
Social engineering when an individual or groups of individuals decide to make use of malicious activities to manipulate one psychologically and convince him to reveal personal information. The individual will, first of all, investigate the victim to gather as much information as they can. This information will allow him to identify any weak spots and any other areas that can be capitalized on to gain the trust of the victim. To convince the victim of their legitimacy, the perpetrator will take charge of the interactions and engage the victim fully. Once the victim believes they are legitimate, the perpetrator then proceeds to ask for more information that is then used to carry out identity fraud.
To avoid being a victim of social engineering, ensure that you stay diligent at all times and follow these tips:
- Don’t open emails or attachments from unknown sources.
- Be cautious of enticing offers that appear too good to be true
- Use multifactor authentication
- Ensure your antivirus is updated
Credit card/debit card theft
Credit cards and debit cards have personal information that can easily be used to commit identity fraud should they land in the wrong hands. One can easily open a bank account or acquire another credit card using those details. The new cards can then be used to make payments and rack up charges.
Protect yourself using these tips:
- Write the initials CID “See ID” in the signature panel at the back of the card. This will require merchants to ask for other forms of ID before authorizing charges.
- Keep your card in plain sight every time you make a payment
- Learn how to identify genuine and secure sites before using your card on any site.
- Don’t give card details via phone
Man in the middle attack
This type of attack occurs when an attacker intercepts communication between two parties by eavesdropping or modifying the traffic between the two. The attacker is then able to gather sensitive information such as passwords and usernames or personally identifiable information.
A man in the middle attack allows the attacker to interfere with the communication process or create a fake network to divert traffic to. The data collected is then checked for any valuable information that can be used to steal your identity. This is a difficult attack to detect since it’s carried out discreetly.
Use these tips to detect any man in the middle attack:
- Regularly check your credit card reports to find out any strange transactions and charges
- Always check the legitimacy of all websites you visit, especially those you fill in personal information.
A phishing attack is carried out when an attacker sends misleading emails to potential victims in an attempt to trick the victim into giving out personal information. The attacker will pretend to be a genuine person or institution seeking help or wants to do business with the individual. Even though it’s one of the oldest cyber-attack methods, it’s still one of the widest spread and the techniques and messages have become more sophisticated. Examples of phishing schemes:
Vishing, also known as voice phishing. This attack is carried out when instead of sending an email, the attacker calls the victim and pretends to be working for or representing a legitimate company or person. The main purpose of the attack is to get the victim to reveal as much personal information as possible. In some cases, the victim will receive a robocall informing him that he has won something is therefore required to provide personal information before it’s delivered.
Search engine phishing
The attacker creates a website that has extremely unbelievable offers. The website will be indexed into search engines like Google and yahoo making it easy for them to show up in search results. Anyone who visits the site is rewarded with incentives and convinced to provide personal information if they want to enjoy the offer.
The attacker will pretend to be a legitimate entity and send spam text messages to victims. The messages appear to be urgent and make the recipient feel like if they fail to take action by providing the required information, they’ll suffer losses.
Malware based phishing
The attacker comes up with a malicious program that’s meant to look like a genuine program. The program records everything you do on your computer and sends this information to the attacker.
Use these tips to protect yourself from phishing attacks:
- Be careful about downloading and installing any software
- Don’t dial back unknown numbers
- Research all companies that contact you
- Check the padlock symbol on websites in the address bar
Stealing of personally items/ dumpster diving/mail theft
The attacker can go through your trash in an attempt to get anything that contains personally identifiable information that can be used to steal the individual’s identity. In some cases, an individual’s mail or personal items can be stolen. Depending on what has been stolen, the attacker can use the details gained to steal the person’s identity.
Use these tips to protect yourself:
- Lock your mailbox
- Shred everything in a manner that will make it impossible to read anything.
- Contact the credit card company immediately if it’s stolen.
Learn more about protecting your credit from credit fraud!